package org.wlgzs.office_exam_student.permission;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.wlgzs.office_exam_student.entity.User;
import org.wlgzs.office_exam_student.servlet.BaseServlet;

/**
*@author song(mejeesong@qq.com)
*2018年1月25日
*
*/
public class Authentication {
	
	public static final String USER_KEY = "user";
	
	public static boolean can(HttpServletRequest req,String power) {
		return true;
	}
	public static boolean is(HttpServletRequest req,String role) {
		User user = user(req);
		return user == null ? false:role.equals(user.getRole());
	}
	public static void login(HttpSession session,User user) {
		if(user != null) {
			session.setAttribute(USER_KEY, user);
		}
	}
	public static void logout() {
		HttpSession ses = BaseServlet.threadReq.get().getSession();
		ses.removeAttribute(USER_KEY);
		
	}
	public static User user() {
		return (User)BaseServlet.threadReq.get().getSession().getAttribute(USER_KEY);
	}
	public static User user(HttpServletRequest req) {
		return (User)req.getSession().getAttribute(USER_KEY);
	}
}
